Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Purpose 3-6 Check in Deprecated TCF Versions i.e. less than v2.2 #35

Open
imrahul361 opened this issue Nov 4, 2024 · 0 comments
Open

Comments

@imrahul361
Copy link

In our current implementation, we check for the presence of Purposes 3-6 even though they are deprecated in TCF versions 2.2 and higher. Given that these purposes are not applicable and should be set to false, it raises the question of why we need to include this check at all.

// Check for specific 2.2 Requirements and exit early.
// From IAB Docs: https://github.com/InteractiveAdvertisingBureau/GDPR-Transparency-and-Consent-Framework/blob/master/TCFv2/IAB%20Tech%20Lab%20-%20Consent%20string%20and%20vendor%20list%20formats%20v2.md#the-core-string
// "With TCF v2.2 support for legitimate interest for purpose 3 to 6 has been deprecated. Bits 2 to 5 are required to be set to 0."
// All future versions will also have the requirement.

if mv, _ := p.MinorVersion(); mv >= 2 {
		// Bitfield uses 1-indexing, so we need to check for purposes 3-6 (not bit positions 2-5).
		for lit := 3; lit <= 6; lit++ {
			if p.PurposesLITransparency[lit] != false {
				return nil, errors.Errorf("TCF String Version 2.2 or higher has invalid PurposesLIT %d not set to 0.", lit)
			}
		}
	}

Here are the points for consideration:

Redundancy of Checks: Since Purposes 3-6 are deprecated, checking their values seems redundant. If they are present and marked as true, they are not useful for further processing.

Proposed Solutions:

We could modify the logic to ignore Purposes 3-6 entirely in TCF versions 2.2 and above, rather than explicitly checking if they are set to false.
Alternatively, we could set these purposes to false during processing, thus streamlining our implementation.
Clarity and Maintenance: Removing this check could simplify our codebase and improve readability. It also reduces the potential for confusion regarding the relevance of these deprecated purposes.

I would like to propose that we either remove this check or modify our handling of Purposes 3-6 to reflect their deprecated status. What are your thoughts on this approach?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant